 "India IT Professionals Not So Pleased With Growing BYOD Trend")
India is one of the fastest growing mobile markets in the world and the domestic mobile phone market is increasingly moving towards smartphones. According to the India edition of the “2011 ISACA Shopping on the Job Survey: Online Holiday Shopping and BYOD Security” more than half of IT professionals in India (56 percent) believe that the risk resulting from employees’ use of personal mobile devices for work activities currently outweighs the benefits. Yet, since more than a third of enterprises allow personal devices to be used for work, global IT association ISACA urges enterprises to embrace the technology and the benefits it brings, while educating employees on the potential risk.
The 2011 Shopping on the Job study also examined risky online behaviours at work. Nearly sixty percent of IT professionals in India say that their enterprise prohibits employees from accessing social media web sites from work-supplied devices. Thirty-eight percent limit the use of work-supplied mobile devices for personal use and 45 percent prohibit employees from shopping online using a work-supplied device.
Yet, 92 percent of respondents say employees will spend at least 2-4 hours shopping online during work hours, and more than 56 percent say employees will spend 6 hours or more. Fifty-six percent of IT professionals in India believe their enterprise loses between INR 50,000 and INR 2,50,000 per employee who shops online during work hours using work-supplied computers or smartphones. To minimise the costly risk associated with online shopping, 52 percent of the polled companies prohibit the use of work e-mail addresses for personal online shopping and about 56 percent have a security policy that covers mobile devices. Additionally, 70 percent of the organisations provide training on the policy and 68 percent have technology in place to protect against web-based attacks.
“As companies increasingly provide employees with laptops and smartphones—and as others increasingly allow employees to use their own devices at work— work and personal activities continue to blur and risk increases. This results in a increasing risk to the enterprise because of the danger that cookies and other tools used by online sites for gathering information could be potentially be gathering other information from the systems” said Niraj Kapasi, IT auditor and chair of ISACA’s India Task Force. “Between lost productivity, the dangers of unsecured networks, and the potential to lose or misplace the small items, mobile devices pose many risks that must be managed to obtain their substantial benefits,” he said.
Loss of a company-supplied device is considered high risk to the enterprise by 91 percent of the survey participants.
While the use of applications with geolocation is increasing, 41 percent of respondents in India say their enterprises don’t provide security guidance on it. Geolocation is valuable, but employees need education on when to enable and disable it. ISACA’s five-step ROUTE helps minimise geolocation risk:
Read mobile app agreements to see what information you are sharing.
Only enable geolocation when the benefits outweigh the risk.
Understand that others can track your current and past locations.
Think before posting tagged photos to social media sites.
Embrace the technology, and educate yourself and others.